QT/bigcapital
1
0
Fork 0
mirror of https://github.com/bigcapitalhq/bigcapital.git synced 2026-02-16 21:00:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: should retrieve user inactive error in login response API.

Browse Source 
fix: prevent from delete or inactivate the current authorized user.
This commit is contained in:
Ahmed Bouhuolia
2020-09-20 18:39:14 +02:00
parent e28f8496c6
commit e2c53f4513
11 changed files with 151 additions and 105 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
server/src/services/Users/UsersService.ts
View File

@@ -53,7 +53,7 @@ export default class UsersService {
* @param {number} userId -
* @returns {ISystemUser}
*/
async getUserOrThrowError(tenantId: number, userId: number): void {
async getUserOrThrowError(tenantId: number, userId: number): Promise<ISystemUser> {
const { systemUserRepository } = this.repositories;
const user = await systemUserRepository.getByIdAndTenant(userId, tenantId);
@@ -72,7 +72,7 @@ export default class UsersService {
async deleteUser(tenantId: number, userId: number): Promise<void> {
const { systemUserRepository } = this.repositories;
await this.getUserOrThrowError(tenantId, userId);
this.logger.info('[users] trying to delete the given user.', { tenantId, userId });
await systemUserRepository.deleteById(userId);
@@ -84,7 +84,8 @@ export default class UsersService {
* @param {number} tenantId
* @param {number} userId
*/
async activateUser(tenantId: number, userId: number): Promise<void> {
async activateUser(tenantId: number, userId: number, authorizedUser: ISystemUser): Promise<void> {
this.throwErrorIfUserIdSameAuthorizedUser(userId, authorizedUser);
const { systemUserRepository } = this.repositories;
const user = await this.getUserOrThrowError(tenantId, userId);
@@ -99,8 +100,10 @@ export default class UsersService {
* @param {number} userId
* @return {Promise<void>}
*/
async inactivateUser(tenantId: number, userId: number): Promise<void> {
async inactivateUser(tenantId: number, userId: number, authorizedUser: ISystemUser): Promise<void> {
this.throwErrorIfUserIdSameAuthorizedUser(userId, authorizedUser);
const { systemUserRepository } = this.repositories;
const user = await this.getUserOrThrowError(tenantId, userId);
this.throwErrorIfUserInactive(user);
@@ -114,6 +117,7 @@ export default class UsersService {
*/
async getList(tenantId: number) {
const users = await SystemUser.query()
.whereNotDeleted()
.where('tenant_id', tenantId);
return users;
@@ -149,4 +153,15 @@ export default class UsersService {
throw new ServiceError('user_already_inactive');
}
}
/**
* Throw service error in case the given user same the authorized user.
* @param {number} userId
* @param {ISystemUser} authorizedUser
*/
throwErrorIfUserIdSameAuthorizedUser(userId: number, authorizedUser: ISystemUser) {
if (userId === authorizedUser.id) {
throw new ServiceError('user_same_the_authorized_user');
}
}
}